A new wave of cyber attacks, which was first reported affecting computers in Ukraine, has spread across Europe and the globe. The Petya virus appears to be a variant of WannaCry, which impacted computers earlier this year. Although the Coast Guard has not yet fully analyzed this attack, initial reports indicate impacts across global banking and energy sectors, to include cargo facilities in several U.S. ports.
The Coast Guard encourages vessel and port facility operators, and other partners, to closely monitor their computer systems. Cyber best practices, such as ensuring software updates and patches are in place, practicing good cyber hygiene, and being alert for phishing attempts and other suspicious activity can reduce risk. Reminding all employees not to click on suspicious links or open attachments from unknown sources is a low cost, easy to implement measure.
Pay special attention to cyber dependent systems that control critical security, safety, or environmental functions. Wherever possible, such systems should have fail-safes and manual control options to limit the impacts of possible cyber disruptions. Maintaining current backups of critical data, in a cyber isolated location, can also reduce vulnerability to ransomware and other cyber attacks.
Coast Guard regulations require vessel and port facility operators to report any disruptions to cyber systems that control or influence functions regulated by the Maritime Transportation Security Act to the National Response Center. Examples include access control, monitoring, and cargo handling. The National Response Center can be reached at 1-800-424-8802.
General information on cyber best practices is found on Homeport, including the cyber community, and on the following sites:
U.S. Computer Emergency Readiness Team, https://www.us-cert.gov/
Industrial Control Systems Cyber Emergency Response Team, https://ics-cert.us-cert.gov/
NIST Cybersecurity Framework, https://www.nist.gov/cyberframework
The Coast Guard further advises vessel and facility operators to be aware that impacts to cyber systems, such as cyber controlled security cameras, can increase physical vulnerability. Coordination between cyber and physical security personnel within an organization should be part of a holistic cyber risk management program.